Skip to main content

TencentCloudBase CloudBase-MCP CVE-2026-7221

| EUVDEUVD-2026-25978 MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2026-04-28 VulDB
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

9
CVSS changed
Apr 29, 2026 - 01:12 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
PoC Detected
Apr 29, 2026 - 01:00 vuln.today
Public exploit code
Analysis Generated
Apr 28, 2026 - 04:30 vuln.today
Severity Changed
Apr 28, 2026 - 04:22 NVD
HIGH MEDIUM
CVSS changed
Apr 28, 2026 - 04:22 NVD
7.3 (HIGH) 6.9 (MEDIUM)
EUVD ID Assigned
Apr 28, 2026 - 04:15 euvd
EUVD-2026-25978
Analysis Generated
Apr 28, 2026 - 04:15 vuln.today
Patch released
Apr 28, 2026 - 04:15 nvd
Patch available
CVE Published
Apr 28, 2026 - 03:30 nvd
MEDIUM 5.5

DescriptionCVE.org

A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2.17.1 is able to address this issue. The patch is identified as 3f678a1e7bd400cd76469d61024097d4920dc6b5. It is recommended to upgrade the affected component.

AnalysisAI

Server-side request forgery (SSRF) in TencentCloudBase CloudBase-MCP through version 2.17.0 allows remote unauthenticated attackers to manipulate the open-url API endpoint by injecting arbitrary URLs via the req.body.url parameter, enabling attackers to make unauthorized requests from the server to internal or external resources. The vulnerability has publicly available exploit code and affects the openUrl function in mcp/src/interactive-server.ts. Vendor-released patch version 2.17.1 is available.

Technical ContextAI

CloudBase-MCP is a Node.js-based microservice framework that exposes HTTP API endpoints for cloud service integration. The openUrl API endpoint in the interactive-server.ts component accepts a URL parameter from client requests without proper validation or sanitization. The underlying issue is CWE-918 (SSRF), where user-controlled input flows directly into server-side HTTP request operations, allowing attackers to bypass network segmentation and access internal resources (metadata services, private databases, admin interfaces) or perform outbound attacks from the server's network context. The vulnerability is context-agnostic to network position (AV:N) and requires no special complexity (AC:L) or user interaction (UI:N), making it trivially exploitable over HTTP/HTTPS.

RemediationAI

Upgrade TencentCloudBase CloudBase-MCP to version 2.17.1 or later immediately. The patched release is available at https://github.com/TencentCloudBase/CloudBase-MCP/releases/tag/v2.17.1 and addresses the input validation flaw in the openUrl endpoint. If immediate upgrade is not possible, implement network-level mitigations: restrict access to the open-url API endpoint (typically /open-url or similar) to trusted clients only via firewall rules or API gateway allowlisting, disable the open-url feature entirely if not actively used by disabling the interactive-server component, and isolate CloudBase-MCP instances from internal networks using network segmentation (no direct routing to metadata services, private databases, or admin interfaces). Each mitigation trades functionality for security; feature disablement is most secure but may break dependent applications.

Share

CVE-2026-7221 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy